Redundant Device Locking Key Management System

1. A redundant key management system, comprising: a network; a key management system that is coupled to the network and configured to generate a device locking key and transmit that key through the network; and a first server device that is coupled to the network, wherein the first server device includes: a managed device; and a first remote access controller device that is coupled to the managed device, that operates independently of an operating system included on the first server device, that uses a first dedicated out-of-band network connection to the network that is separate from an in-band network connection used by the operating system, and that is configured to: receive, through the network from the key management system, a device locking key; lock, using the device locking key, the managed device; encrypt the device locking key to provide an encrypted device locking key; broadcast, through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second remote access controller devices, wherein each of the plurality of second remote access controller devices: operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain; erase, subsequent to broadcasting the device locking key, the encrypted device locking key; transmit, subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is associated with the smart contract, wherein one of the plurality of second remote access controller devices is configured to process the second blockchain transaction to cause the smart contract to execute and transmit the encrypted device locking key to the first remote access controller device; receive, through the network from the at least one of the plurality of second remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted device locking key; decrypt the encrypted device locking key to provide the device locking key; and use the device locking key to unlock the managed device.

2. The system of claim 1 , wherein the first remote access controller device is configured to: broadcast, through the network to the plurality of second remote access controller devices, a request to store the encrypted device locking key; receive, through the network from at least one of the plurality of second remote access controller devices, an acceptance to store the encrypted device locking key; and transmit, through the network to the at least one of the plurality of second remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the encrypted device locking key, wherein the request to retrieve the encrypted device locking key is transmitted to the at least one of the plurality of second remote access controller devices to which the encrypted device locking key was transmitted.

3. The system of claim 2 , wherein the first remote access controller device is configured to: provide the encrypted device locking key along with a first remote access controller device identifier as part of a key bundle; and transmit, through the network to the at least one of the plurality of second remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the key bundle.

4. The system of claim 3 , wherein the first remote access controller device is configured to: transmit first remote access controller device identification information along with the request to retrieve the encrypted device locking key, and wherein each of the at least one of the second remote access controller devices is configured to: determine that the first remote access controller device identification information matches the first remote access controller device identifier and, in response, transmit the encrypted device locking key to the first remote access controller device.

5. The system of claim 3 , wherein the first remote access controller device is configured to: receive, through the network the at least one of the plurality of second remote access controller devices in response to transmitting the key bundle, respective second remote access controller device identifiers; store the respective second remote access controller device identifiers; determine, subsequent to storing the respective second remote access controller device identifiers, that the managed devices requires unlocking; and transmit, using the respective second remote access controller device identifiers, the request to retrieve the encrypted device locking key to second remote access controller devices identified by the second remote access controller device identifiers.

6. The system of claim 1 , wherein the processing of the first blockchain transaction causes the smart contract to execute and store the encrypted device locking key on the blockchain in a hash table included in the smart contract.

7. An Information Handling System (IHS), comprising: a first processing system; and a first memory system that is coupled to the first processing system and that includes instructions that, when executed by the first processing system, cause the first processing system to provide a remote access controller engine that operates independently of an operating system that is provided by a second processing system executing instructions included on a second memory system in the IHS, and that is configured to: receive, through a network from a key management system via a first dedicated out-of-band network connection that is separate from an in-band network connection used by the operating system, a device locking key; lock, using the device locking key, a managed device; encrypt the device locking key to provide an encrypted device locking key; broadcast, through the network to a plurality of remote access controller devices provided in respective server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the remote access controller engine and the plurality of remote access controller devices, wherein each of the plurality of remote access controller devices: operates independently of a respective operating system included in the respective server device in which that remote access controller device is provided; and uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective server device in which that remote access controller device is provided, and wherein one of the plurality of remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain; erase, subsequent to broadcasting the device locking key, the encrypted device locking key; transmit, subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is associated with the smart contract, wherein one of the plurality of remote access controller devices is configured to process the second blockchain transaction to cause the smart contract to execute and transmit the encrypted device locking key to the remote access controller engine; receive, through the network from the at least one of the plurality of remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted device locking key; decrypt the encrypted device locking key to provide the device locking key; and use the device locking key to unlock the managed device.

8. The IHS of claim 7 , wherein the remote access controller engine is configured to: broadcast, through the network to the plurality of remote access controller devices, a request to store the encrypted device locking key; receive, through the network from at least one of the plurality of remote access controller devices, an acceptance to store the encrypted device locking key; and transmit, through the network to the at least one of the plurality of remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the encrypted device locking key, wherein the request to retrieve the encrypted device locking key is transmitted to the at least one of the plurality of remote access controller devices to which the encrypted device locking key was transmitted.

9. The IHS of claim 8 , wherein the remote access controller engine is configured to: provide the encrypted device locking key along with a first remote access controller engine identifier as part of a key bundle; and transmit, through the network to the at least one of the plurality of remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the key bundle.

10. The IHS of claim 9 , wherein the remote access controller engine is configured to: transmit remote access controller engine identification information along with the request to retrieve the encrypted device locking key, and wherein each of the at least one of the remote access controller devices is configured to: determine that the remote access controller engine identification information matches the remote access controller engine identifier and, in response, transmit the encrypted device locking key to the remote access controller engine.

11. The IHS of claim 9 , wherein the remote access controller engine is configured to: receive, through the network the at least one of the plurality of remote access controller devices in response to transmitting the key bundle, respective remote access controller device identifiers; store the respective remote access controller device identifiers; determine, subsequent to storing the respective remote access controller device identifiers, that the managed devices requires unlocking; and transmit, using the respective remote access controller device identifiers, the request to retrieve the encrypted device locking key to remote access controller devices identified by the remote access controller device identifiers.

12. The IHS of claim 7 , wherein the processing of the first blockchain transaction causes the smart contract to execute and store the encrypted device locking key on the blockchain in a hash table included in the smart contract.

13. The IHS of claim 7 , wherein the smart contract is configured to store, on the blockchain, information about the transmission of the encrypted locking key to the remote access controller engine.

14. A method for redundant key management, comprising: receiving, by a first remote access controller device in a first server device through a network from a key management system, a device locking key, wherein the first remote access controller device operates independently of an operating system included on the first server device, and uses a first dedicated out-of-band network connection to the network that is separate from an in-band network connection used by the operating system; locking, by the first remote access controller device using the device locking key, a managed device; encrypting, by the first remote access controller device, the device locking key to provide an encrypted device locking key; broadcasting, by the first remote access controller device through the network to a plurality of second remote access controller devices provided in respective second server devices, the encrypted device locking key as part of a first blockchain transaction that is directed to a blockchain address that is associated with a smart contract on a blockchain that is maintained by the first remote access controller device and the plurality of second remote access controller devices, wherein each of the plurality of second remote access controller devices: operates independently of a respective operating system included on the respective second server device in which that second remote access controller device is provided; and uses a respective second dedicated out-of-band network connection to the network that is separate from a respective in-band network connection used by the respective operating system included on the respective second server device in which that second remote access controller device is provided, and wherein one of the plurality of second remote access controller devices is configured to process the first blockchain transaction to cause the smart contract to execute and store the encrypted device locking key on the blockchain; erasing, by the first remote access controller device subsequent to broadcasting the device locking key, the encrypted device locking key; transmitting, by the first remote access controller device subsequent to erasing the device locking key, a request to retrieve the encrypted device locking key as part of a second blockchain transaction that is directed to the blockchain address that is associated with the smart contract, wherein one of the plurality of second remote access controller devices is configured to process the second blockchain transaction to cause the smart contract to execute and transmit the encrypted device locking key to the first remote access controller device; receiving, by the first remote access controller device through the network from the at least one of the plurality of second remote access controller devices in response to transmitting the request to retrieve the device locking key, the encrypted device locking key; decrypting, by the first remote access controller device, the encrypted device locking key to provide the device locking key; and using, by the first remote access controller device, the device locking key to unlock the managed device.

15. The method of claim 14 , further comprising: broadcasting, by the first remote access controller device through the network to the plurality of second remote access controller devices, a request to store the encrypted device locking key; receiving, by the first remote access controller device through the network from at least one of the plurality of second remote access controller devices, an acceptance to store the encrypted device locking key; and transmitting, by the first remote access controller device through the network to the at least one of the plurality of second remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the encrypted device locking key, wherein the request to retrieve the encrypted device locking key is transmitted to the at least one of the plurality of second remote access controller devices to which the encrypted device locking key was transmitted.

16. The method of claim 15 , further comprising: providing, by the first remote access controller device, the encrypted device locking key along with a first remote access controller device identifier as part of a key bundle; and transmitting, by the first remote access controller device through the network to the at least one of the plurality of remote access controller devices in response to receiving the acceptance to the store the encrypted device locking key, the key bundle.

17. The method of claim 16 , further comprising: transmitting, by the first remote access controller device, first remote access controller device identification information along with the request to retrieve the encrypted device locking key, and wherein each of the at least one of the second remote access controller devices is configured to: determine that the first remote access controller device identification information matches the first remote access controller device identifier and, in response, transmit the encrypted device locking key to the first remote access controller device.

18. The method of claim 16 , further comprising: receiving, by the first remote access controller device through the network the at least one of the plurality of second remote access controller devices in response to transmitting the key bundle, respective second remote access controller device identifiers; storing, by the first remote access controller device, the respective second remote access controller device identifiers; determining, by the first remote access controller device subsequent to storing the respective second remote access controller device identifiers, that the managed devices requires unlocking; and transmitting, by the first remote access controller device using the respective second remote access controller device identifiers, the request to retrieve the encrypted device locking key to second remote access controller devices identified by the second remote access controller device identifiers.

19. The method of claim 14 , wherein the processing of the first blockchain transaction causes the smart contract to execute and store the encrypted device locking key on the blockchain in a hash table included in the smart contract.

20. The method of claim 14 , wherein the smart contract is configured to store, on the blockchain, information about the transmission of the encrypted locking key to the first remote access controller device.